NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Hypori Client (Android) v4.1

Certificate Date:  2018.08.24

Validation Report Number:  CCEVS-VR-VID10874-2018

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Application Software Version 1.2

CC Testing Lab:  Leidos Common Criteria Testing Laboratory

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

The Target of Evaluation (TOE) is the Hypori Client (Android) 4.1. 

In the Hypori Virtual Mobile Infrastructure (VMI) platform, end users running an Android Hypori Client on their mobile device access a virtual Android device running on a server in the cloud. The virtual device on the server contains the operating system, the data, and the applications, using TLS 1.2 encryption to communicate securely with the Hypori Client. The Hypori Android thin client application provides secure access to the remote Android virtual device and brokers access between the mobile device’s sensors and the applications executing in the virtual device on a Hypori server. The client applications are agnostic to the version of Android executing in the virtual device.

The Hypori VMI platform includes the following components:

·         Hypori Client (the TOE): This is a thin client that installs on the end user’s mobile device and communicates with the Hypori Virtual Device on the server through secure encrypted protocols.

·         Hypori Virtual Device: This is an Android-based virtualized version of the end user’s mobile device.

·         Hypori Servers: This is the cloud server cluster that hosts the ACE Devices.

·         Hypori Admin Console: This is a browser-based administration user interface that is used to manage the Hypori system.

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme.  The product was evaluated at an Evaluated Assurance Level EAL1.  The criteria against which the Hypori Client (Android) 4.1 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4.   The product, when delivered and configured as identified in the Hypori User Guide Common Criteria Configuration and Operation, Version 4.1 document, satisfies all of the security functional requirements stated in the Hypori Virtual Mobile Infrastructure Platform 4.1Hypori Client (Android) Security Target, Version 4.1, May 31, 2018.  The project underwent CCEVS Validator review.  The evaluation was completed in August 2018.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

Cryptographic Support

The TOE establishes secure communication with the Hypori server using TLS. The client uses cryptographic services provided by the platform. TOE stores credentials and certificates for mutual authentication in the platform’s keychain.

User Data Protection

The TOE informs a user of hardware and software resources the TOE accesses. It uses the platform’s permission mechanism to get a user’s approval for access as part of the installation process. The user initiates a secure network connection to the Hypori server using the TOE. In general, sensitive data resides on the Hypori server and not the Hypori Client, although the client does store credentials in the Android key store.

Identification and Authentication

The TOE uses the platform’s certification validation services to authenticate the X.509 certificate the Hypori server presents as part of establishing a TLS connection.

Security Management

Security management consists of setting Hypori Client configuration options. The TOE uses the platform’s mechanisms for storing the configuration settings.


The TOE does not transmit PII over a network.

Protection of the TSF

The TOE uses security features and APIs that the platform provides. The TOE leverages package management for secure installation and updates. The TOE package includes only those third-party libraries necessary for its intended operation.

Trusted Path/Channels

TOE uses TLS 1.2 for all communication with Hypori server.

Vendor Information

Intelligent Waves, LLC
Matthew Stern
Site Map              Contact Us              Home